Agent 2 agent authorization issue

[hhoeksel]

Hi,

I am having problems configuring agent 2 agent authentication. I am using the new portal. I have created an agent that should start a workflow. Both workflow and agent are published.

I created an agent to agent tool, for the A2A Agent Endpoint I used the URL i found under my workflow (when building) onder the publish button -> view details, so that is something like:

https://myservice.services.ai.azure.com/api/projects/my-project/applications/hello-world-workflow/protocols/activityprotocol?api-version=2025-11-15-preview

I set authentication to Microsoft Entra, type Agent Identification and audience to https://ai.azure.com

So far so good.

Then I lookup the identy of agent that is starting the workflow under the operate tab -> asset, column Entra Id (Application)
In the Azure portal I then went to the Microsoft Foundry project resource and under IAM I added a new role assignment for this id and gave the Azure AI User role.

Now I know that a published agent and when you are building and use the preview option uses different identities so I also looked up that identity (I think) I wen to the overview of the MS Foundry project resource in the Azure Portal. On the overview pane i clicked the JSON view link and found the agentIdentityId field.

Then back to IAM and also assigned this identity the Azure AI user role.

Made sure to publish I published the agent that is calling the workflow ofcourse.

But I am getting this error no matter what I try in the preview and when my agent is called from my logic app (note without the a2a tool it is working fine):

ErrorFailed to fetch agent card: Response status code does not indicate success: 401 (PermissionDenied).

Does anyone have a clue what I am doing wrong here?

[leestott]

Hi @hhoeksel

The 401 in this scenario is almost always caused by using the wrong identity or wrong audience for the A2A call, not by missing “Azure AI User” in general.

Based on current Foundry A2A behavior, there are three common gotchas that explain your symptoms.

1. Wrong audience for A2A Agent Identification

For Agent‑to‑Agent calls, the Entra token audience must match the Foundry data plane, not the portal.

Using: https://ai.azure.com will produce a token that is valid for the portal, but invalid for agent execution, which results in:
401 PermissionDenied

Correct audience for A2A is: https://cognitiveservices.azure.com This is explicitly required for Foundry agent and workflow execution tokens.
See: https://learn.microsoft.com/azure/ai-foundry/agents/concepts/agent-to-agent-authentication

2. RBAC must be on the Foundry resource, not just the project

The Azure AI User role must be assigned on: Microsoft.CognitiveServices/accounts (the Foundry resource)

Not only on:

• the project
• the workflow
• or the Logic App

Both identities must have access at the Foundry resource scope:

• The published agent identity (shown under Operate → Assets → Entra ID)
• The project‑level agentIdentityId (used for preview / shared identity)

See:
https://learn.microsoft.com/azure/ai-foundry/agents/concepts/agent-identity
https://learn.microsoft.com/azure/ai-foundry/concepts/authentication-authorization-foundry

3. Preview vs Published identity mismatch is expected (and you handled it correctly)

You were right to assign:

• the calling agent’s Entra application ID
• AND the project agentIdentityId from the Foundry resource JSON

However, RBAC propagation can take several minutes, and publishing is required after role assignment for A2A tools to pick up permissions.

This behavior is documented and expected at https://learn.microsoft.com/azure/ai-foundry/agents/concepts/agent-identity

What to change

• Change A2A tool authentication audience from
  https://ai.azure.com/
  to
  https://cognitiveservices.azure.com
• Ensure Azure AI User is assigned at the Foundry (Cognitive Services) resource scope
• Republish the calling agent after RBAC changes

That combination resolves the 401 in almost all A2A workflow‑trigger cases.

[hhoeksel]

Hi @leestott ,

Thank you for taking the time to reply. I changed the audience, assigned identities the Azure AI user role at the foundry resource level for both the calling agent as well as theproject agentIdentityId, waited half an hour, republished everything but the same issue remains.

Also my agent starts a workflow (for some reason you can start a workflow directly from logic apps using the Foundry connector) so for testing I changed my calling agent that it calls a "regular" agent (so new a2a tool added, republished) but same error.

After I remove the a2a tool from the agent it works again

Also in the preview of the foundry portal i also keep getting the same error

Do you have any other ideas I might be able to check or is there some kind of logging where I can get more details?

[hhoeksel]

I also tried the following (unsuccesfull) workaround:

created a new connection on the project using the admin tab on operate.
connected to my foundry project

created a new a2a connection but now key based, used x-api-key as the key and the keyvalue from my connection as the value.
added it to my calling agent, removed the old a2a tool, published but still the same error.